small refactoring
Signed-off-by: Quentin JEROME <[email protected]>
qjerome committed Sep 29, 2023
1 parent a873fee commit 6ae9f54
Showing 5 changed files with 29 additions and 3 deletions.
14 changes: 14 additions & 0 deletions Cargo.lock


6 changes: 5 additions & 1 deletion kunai-common/src/events.rs
Expand Up @@ -277,6 +277,10 @@ impl EventInfo {
self.process.tg_uuid.random = rand;
self.parent.tg_uuid.random = rand;
}

pub fn switch_type(&mut self, new: Type) {
self.etype = new
}
}

#[cfg(target_arch = "bpf")]
Expand Down Expand Up @@ -340,7 +344,7 @@ impl<T> Event<T> {

pub fn switch_type(mut self, new: Type) -> Self {
// we record original event type
self.info.etype = new;
self.info.switch_type(new);
self
}
}
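Review bot: The comment `// we record original event type` in `Event::switch_type` does not describe what the code does: the body only calls `self.info.switch_type(new)`, and the new `EventInfo::switch_type` assigns `self.etype = new` without keeping the previous value anywhere visible in these hunks. Either drop the comment or replace it with `// overwrites info.etype; the previous type is not kept`, and give the new public method a doc line such as `/// Replaces the event type in place; the previous type is discarded.` (the assignment is also missing its trailing `;`). If anything downstream needs to trace a re-typed event back to the type it was first emitted with, that value has to be stored explicitly, since this commit also appears to delete the commented-out `origin` field in `events/correlation.rs`. `impl EventInfo` starts outside the first hunk.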
1 change: 0 additions & 1 deletion kunai-common/src/events/correlation.rs
Expand Up @@ -18,7 +18,6 @@ pub type CorrelationEvent = Event<CorrelationData>;
// the data in this structure should always be serializable
// to a byte array, it should not contain any pointers
pub struct CorrelationData {
//pub origin: Type,
pub argv: Buffer<MAX_ARGV_SIZE>,
pub exe: Path,
pub paths: [Option<Path>; 1],
7 changes: 6 additions & 1 deletion kunai/src/bin/main.rs
Expand Up @@ -72,6 +72,11 @@ struct CorrelationData {
}

impl CorrelationData {
#[inline(always)]
fn command_line_string(&self) -> String {
self.command_line.join(" ")
}

fn free_memory(&mut self) {
self.resolved = HashMap::new();
}
Expand Down Expand Up @@ -230,7 +235,7 @@ impl EventProcessor {
fn get_command_line(&self, key: u128) -> String {
let mut cl = String::from("?");
if let Some(corr) = self.correlations.get(&key) {
cl = corr.command_line.join(" ");
cl = corr.command_line_string();
}
cl
}
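Review bot: `command_line_string` needs a doc comment stating that its result is a display form only: `self.command_line.join(" ")` flattens the arguments with single spaces, so an argument that itself contains a space cannot be told apart from two separate arguments once the string is logged. For a security event that matters whenever an analyst or a detection rule reads the command line back, so I would add `/// Lossy display form: arguments joined with single spaces; argument boundaries are not preserved.` above the method. Separately, `get_command_line` allocates the `"?"` fallback even when the key is found; `self.correlations.get(&key).map_or_else(|| String::from("?"), |c| c.command_line_string())` avoids that, assuming `correlations` is a map whose `get` returns an `Option`. `impl CorrelationData` and `impl EventProcessor` both continue outside the hunks shown.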
4 changes: 4 additions & 0 deletions kunai/src/info.rs
Expand Up @@ -101,14 +101,17 @@ pub struct StdEventInfo {
}

impl StdEventInfo {
#[inline(always)]
pub fn correlation_key(&self) -> u128 {
CorrInfo::corr_key(self.info.process.tg_uuid)
}

#[inline(always)]
pub fn parent_correlation_key(&self) -> u128 {
CorrInfo::corr_key(self.info.parent.tg_uuid)
}

#[inline]
pub fn with_event_info(mut info: EventInfo, rand: u32) -> Self {
// we set the random part needed to generate uuids for events
info.set_uuid_random(rand);
Expand All @@ -123,6 +126,7 @@ impl StdEventInfo {
}
}

#[inline]
pub fn with_additional_fields(mut self, fields: AdditionalFields) -> Self {
self.additional = fields;
self
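Review bot: The attributes in this section mix `#[inline(always)]` (on `correlation_key` and `parent_correlation_key`) with `#[inline]` (on `with_event_info` and `with_additional_fields`) without a stated reason, and `command_line_string` in `kunai/src/bin/main.rs` gets `#[inline(always)]` too, although it allocates a `String`. `#[inline]` is enough to make small public methods inlinable across crates, while `#[inline(always)]` overrides the optimizer's cost model and is best kept for cases backed by a profile. I would use `#[inline]` throughout, or add a one-line comment wherever `always` is deliberate. `with_additional_fields` and the `impl StdEventInfo` block end outside the hunk.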
